Lucene search
K
X.orgLibx11

15 matches found

CVE
CVE
added 2021/05/27 12:26 p.m.637 views

CVE-2021-31535

CVE-2021-31535 affects libX11 (and related X.Org X components) where LookupCol.c handling of XLookupColor lacks proper length checks. An attacker can send color-name requests longer than protocol/packet limits, causing the server to parse extra X protocol requests and potentially execute arbitrar...

9.8CVSS7.7AI score0.10634EPSS
CVE
CVE
added 2023/10/10 12:26 p.m.538 views

CVE-2023-43786

CVE-2023-43786 affects libX11 with an infinite loop in PutSubImage(), enabling local denial of service via resource exhaustion. Public advisories show fixes across libX11 packages (e.g., newer libX11 1.6.7-era releases in AL/AlmaLinux advisories). No explicit exploit details are provided in the c...

5.5CVSS6.5AI score0.00461EPSS
CVE
CVE
added 2023/10/10 12:26 p.m.534 views

CVE-2023-43785

CVE-2023-43785 affects libX11 with a boundary condition in _XkbReadKeySyms(), allowing a local user to trigger an out-of-bounds read of memory. The issue is documented across multiple advisories (Red Hat, AlmaLinux, Ubuntu Cloud Foundry USN) with related fixes in libX11; exploitation details are ...

6.5CVSS6.4AI score0.00633EPSS
CVE
CVE
added 2023/10/10 12:26 p.m.520 views

CVE-2023-43787

Summary: CVE-2023-43787 affects the libX11 library via an integer overflow in XCreateImage(), enabling a local user to trigger a heap overflow and potentially execute arbitrary code with elevated privileges. What’s affected: libX11 (Xorg X11 client library); affected function is XCreateImage(). R...

7.8CVSS8.2AI score0.00427EPSS
CVE
CVE
added 2020/09/11 6:2 p.m.405 views

CVE-2020-14363

CVE-2020-14363 is a vulnerability in the core X11 client library, libX11. The issue is an integer overflow that leads to a double-free in locale handling , exposing a local attacker with privileges to crash an application linked against libX11 and potentially execute arbitrary code. Affected cont...

7.8CVSS7.8AI score0.00575EPSS
CVE
CVE
added 2020/08/05 1:8 p.m.375 views

CVE-2020-14344

The CVE-2020-14344 issue is described in Connected Document ALAS2-2021-1661 as an integer overflow in libX11 that leads to a heap-buffer overflow when setuid processes call XIM client functions. Affected packages include libX11 and related libX11-devel/debuginfo across aarch64, i686, noarch, src,...

6.7CVSS7.2AI score0.00465EPSS
CVE
CVE
added 2018/08/24 7:0 p.m.253 views

CVE-2018-14599

CVE-2018-14599 affects libX11 up to version 1.6.5, with an off-by-one error in XListExtensions (ListExt.c) caused by crafted server responses that can lead to a crash or memory corruption and Denial of Service. Connected sources detail the vulnerability as part of a broader set of libX11 issues i...

9.8CVSS9.4AI score0.04799EPSS
CVE
CVE
added 2018/08/24 7:0 p.m.227 views

CVE-2018-14600

CVE-2018-14600 affects libX11: XListExtensions in ListExt.c interprets a value as signed instead of unsigned, causing an out-of-bounds write (up to 128 bytes) that can lead to DoS or remote code execution. The connected advisories confirm this as a fixed libX11 issue across distros and related Xo...

9.8CVSS9.6AI score0.09341EPSS
CVE
CVE
added 2018/08/24 7:0 p.m.212 views

CVE-2018-14598

The CVE-2018-14598 issue affects libX11 (XListExtensions in ListExt.c) where a malicious server can craft replies that overflow the first string, causing a NULL pointer to be freed later and triggering a DoS via segmentation fault. The problem is tied to input validation in XListExtensions and re...

7.5CVSS8.2AI score0.04229EPSS
CVE
CVE
added 2023/06/28 12:0 a.m.194 views

CVE-2023-3138

CVE-2023-3138 affects libX11. The issue arises in InitExt.c where values for Request, Event, or Error IDs are not validated against array bounds, allowing an out-of-bounds value from a malicious X server to overwrite parts of the Display structure and potentially crash the client (memory corrupti...

7.5CVSS7.7AI score0.01656EPSS
CVE
CVE
added 2015/04/16 2:0 p.m.118 views

CVE-2013-7439

CVE-2013-7439 affects X.Org libX11 and the X11R6.x include/X11/Xlibint.h, where multiple off-by-one errors in the MakeBigReq and SetReqLen macros can allow a remote attacker to trigger a buffer overflow. The vulnerability exists in libX11 prior to version 1.6.0. Impact as stated: unspecified in d...

7.5CVSS9.4AI score0.04282EPSS
CVE
CVE
added 2016/12/13 8:0 p.m.114 views

CVE-2016-7942

CVE-2016-7942 : X.Org libX11 contains an out-of-bounds read in XGetImage() (pre-1.6.4) that could allow a remote attacker to execute arbitrary code. Several vendor advisories confirm this vulnerability in libX11 and reference the same description. IBM bulletins for AMM/CMM report this CVE with th...

9.8CVSS9.2AI score0.04286EPSS
CVE
CVE
added 2016/12/13 8:0 p.m.108 views

CVE-2016-7943

CVE-2016-7943 is a vulnerability in X.Org libX11 (pre-1.6.4) where the XListFonts length field handling can trigger an out-of-bounds write, potentially allowing remote X servers to gain privileges. Related entry CVE-2016-7942 covers out-of-bounds reads (XGetImage) in the same library. These issue...

9.8CVSS9.3AI score0.04286EPSS
CVE
CVE
added 2007/03/24 9:0 p.m.107 views

CVE-2007-1667

CVE-2007-1667 is described in the initial entry as multiple integer overflows in (1) XGetPixel in X.Org libx11 before 1.0.3 and (2) XInitImage in xwd.c for ImageMagick, enabling user-assisted remote attackers to crash or possibly leak information via crafted images with large/negative values. Con...

9.3CVSS7.7AI score0.04613EPSS
CVE
CVE
added 2006/11/03 12:0 a.m.58 views

CVE-2006-5397

The CVE-2006-5397 issue affects X.Org libX11 1.0.2 and 1.0.3, specifically the Xinput module (modules/im/ximcp/imLcIm.c). The root cause is that the code opens a file for reading twice using the same file descriptor, causing a file descriptor leak. This leak allows local users to read files speci...

2.1CVSS6.1AI score0.00355EPSS